[VoT] How to express duplicate checks with VoT?
Rolf Brugger <rolf.brugger@switch.ch> Thu, 10 March 2016 16:51 UTC
Return-Path: <rolf.brugger@switch.ch>
X-Original-To: vot@ietfa.amsl.com
Delivered-To: vot@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0E8C12D716 for <vot@ietfa.amsl.com>; Thu, 10 Mar 2016 08:51:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.867
X-Spam-Level:
X-Spam-Status: No, score=-1.867 tagged_above=-999 required=5 tests=[BAYES_50=0.8, FILL_THIS_FORM=0.001, FILL_THIS_FORM_FRAUD_PHISH=0.334, FILL_THIS_FORM_LONG=2, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HqlENyoDD-BF for <vot@ietfa.amsl.com>; Thu, 10 Mar 2016 08:51:09 -0800 (PST)
Received: from iberico.switch.ch (iberico.switch.ch [IPv6:2001:620:0:1002::27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5088512D715 for <vot@ietf.org>; Thu, 10 Mar 2016 08:51:08 -0800 (PST)
Received: from surlej.switch.ch (surlej.switch.ch [IPv6:2001:620:0:1001::69]) by iberico.switch.ch (8.14.4/8.14.4/Debian-4) with ESMTP id u2AGp5ie002929 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <vot@ietf.org>; Thu, 10 Mar 2016 17:51:06 +0100
Received: from macrb.switch.ch ([2001:620:0:44:426c:8fff:fe37:cd48]) by surlej.switch.ch with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.72) (envelope-from <rolf.brugger@switch.ch>) id 1ae3nl-0005yQ-7B for vot@ietf.org; Thu, 10 Mar 2016 17:51:05 +0100
To: vot@ietf.org
From: Rolf Brugger <rolf.brugger@switch.ch>
Message-ID: <56E1A5F8.3090201@switch.ch>
Date: Thu, 10 Mar 2016 17:51:04 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-CanIt-Geo: ip=2001:620:0:1001::69; country=CH; region=Zurich; city=Zurich; latitude=47.3720; longitude=8.5413; http://maps.google.com/maps?q=47.3720,8.5413&z=6
X-CanItPRO-Stream: switch-ch:outbound (inherits from switch-ch:default, base:default)
X-Canit-Stats-ID: Bayes signature not available
X-Scanned-By: CanIt (www . roaringpenguin . com)
Archived-At: <http://mailarchive.ietf.org/arch/msg/vot/VPcjevN07CQz_ngV-pRq-ATej_w>
Subject: [VoT] How to express duplicate checks with VoT?
X-BeenThere: vot@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Vectors of Trust discussion list <vot.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vot>, <mailto:vot-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/vot/>
List-Post: <mailto:vot@ietf.org>
List-Help: <mailto:vot-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vot>, <mailto:vot-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Mar 2016 17:00:53 -0000
Hi all, I'm new to this list and I hope my question is not totally irrelevant here. We have plenty of use cases where RPs need to have confidence, that a person does not have multiple identities in one IdP. I don't see how this aspect of identity quality can be expressed, and I believe it is pretty orthogonal to the P, C, M and A dimensions that are currently specified in the VoT draft. We could imagine multiple ways to gradually prove that an identity has been checked against duplicates. The most straightforward approach would be to make sure that unique personal attributes are used only once within one IdP or an IdP federation, like - email address(es) - mobile phone number - home postal address - social security number - ID / passport number - the combination of name and birth date - etc. Would it make sense to express this in VoT? best regards Rolf -- SWITCH -------------------------- Rolf Brugger, project Swiss edu-ID Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 15, direct +41 44 268 15 89 rolf.brugger@switch.ch, http://www.switch.ch
- [VoT] How to express duplicate checks with VoT? Rolf Brugger
- Re: [VoT] How to express duplicate checks with Vo… Justin Richer
- Re: [VoT] How to express duplicate checks with Vo… Eric Goodman
- Re: [VoT] How to express duplicate checks with Vo… Joanne Knight
- Re: [VoT] How to express duplicate checks with Vo… Nick Roy
- Re: [VoT] How to express duplicate checks with Vo… Rolf Brugger
- Re: [VoT] How to express duplicate checks with Vo… Joanne Knight
- Re: [VoT] How to express duplicate checks with Vo… Julian White
- Re: [VoT] How to express duplicate checks with Vo… Ken Dagg
- Re: [VoT] How to express duplicate checks with Vo… Eric Goodman
- Re: [VoT] How to express duplicate checks with Vo… Joanne Knight
- Re: [VoT] How to express duplicate checks with Vo… Julian White